James Stronz
Cloud Security Engineer at ResMed- Claim this Profile
Click to upgrade to our gold package
for the full feature experience.
Topline Score
Bio
Credentials
-
AWS Certified SysOps Administrator - Associate
Amazon Web Services (AWS)Dec, 2022- Sep, 2024 -
AWS Certified Solutions Architect - Associate (SAA)
Amazon Web Services (AWS)Feb, 2022- Sep, 2024 -
Certificate in Software Development & Design Essentials
UW Professional & Continuing EducationSep, 2021- Sep, 2024 -
Certificate in Embedded & Real-Time Systems Programming
UW Professional & Continuing EducationJun, 2020- Sep, 2024 -
Certificate in C++ Programming
UW Professional & Continuing EducationSep, 2019- Sep, 2024
Experience
-
ResMed
-
United States
-
Medical Equipment Manufacturing
-
700 & Above Employee
-
Cloud Security Engineer
-
Apr 2022 - Present
- Discovered and remediated CVE-2022-35861 - Tuned IAM policies that mapped to ISO 27002 guidance for ~700 AWS member accounts - Provided remediation instructions on security findings to harden internal infrastructure - Discovered and remediated CVE-2022-35861 - Tuned IAM policies that mapped to ISO 27002 guidance for ~700 AWS member accounts - Provided remediation instructions on security findings to harden internal infrastructure
-
-
-
Change Healthcare
-
United States
-
IT Services and IT Consulting
-
700 & Above Employee
-
Cloud Security Engineer
-
May 2021 - Apr 2022
- Implement IaC and serverless functions that will push logs into the SIEM - Aggregate logs from AWS, GCP, and Azure into the SIEM - Provision CI/CD resources using Terraform - Implement IaC and serverless functions that will push logs into the SIEM - Aggregate logs from AWS, GCP, and Azure into the SIEM - Provision CI/CD resources using Terraform
-
-
-
Network Perception
-
United States
-
Computer and Network Security
-
1 - 100 Employee
-
DevSecOps Engineer
-
Jun 2016 - Apr 2021
- Discovered and remediated CVE-2019-16328 - Design CI/CD Pipelines for Mac, Windows, and Linux - Project an actionable timeline to fulfill NERC CIP-013 (risk management) - Implement DAST/SAST to provide a baseline for application security - Maintain infrastructure resources that support daily developer operations - Delivered our ForeScout module for NERC CIP compliance (technology partnership) - Extended audit support for cloud platforms and subgraphs - Identified data exposures, a RCE, and other insecurities - Engineered loosely-coupled system enhancements in Python - Refactored the model inference-analysis interface
-
-
-
FireEye, Inc.
-
United States
-
Computer and Network Security
-
400 - 500 Employee
-
Research Engineer
-
Sep 2015 - Jun 2016
· Pioneered dynamic URL inspection for email—team effort· Balanced data usability and performance, NoSQL datastore· Designed a strategy-based framework for web crawlers
-
-
Intern, Vulnerability Researcher
-
Jun 2015 - Sep 2015
· Extended the FireEye Exploit Analysis Framework· Presented detection procedures, CVE-2015-2419· Collected millions of hooked DLL observations
-
-
-
Scottrade
-
United States
-
Financial Services
-
400 - 500 Employee
-
Intern, Brokerage Operations
-
Jun 2012 - Jul 2013
· Provided the initial point of contact to clients · Branch Achievement Award for Outstanding Performance · 900 Club Award for superior customer satisfaction · Provided the initial point of contact to clients · Branch Achievement Award for Outstanding Performance · 900 Club Award for superior customer satisfaction
-
-
Education
-
University of Illinois at Urbana-Champaign
Bachelor of Science - BS, Mathematics
Community
